National Lottery online accounts ‘hacked’ - what you need to know

National Lottery operator Camelot has said that "suspicious activity" has been detected "on a very small proportion of our players' online National Lottery Accounts".

Share

Get weekly updates directly to your inbox

Thank you for subscribing!

Could not subscribe, try again laterInvalid Email

THE National Lottery ‘s website has been hacked and tens of thousands of customer accounts have been accessed.

Organisers Camelot say that around 26,500 online accounts were accessed after the breach happened on Monday, although it has been stressed that no money has been taken from or added to any of the compromised accounts.

Camelot are contacting the affected customers directly. It says that some personal details were changed in about 50 of those accounts, and those customers’ accounts are being suspended and re-activated.

For all other accessed accounts, customers are being forced to change their passwords.

In a statement, Camelot said: “We would like to make clear that there has been no unauthorised access to core National Lottery systems or any of our databases, which would affect National Lottery draws or payment of prizes. In addition, no money has been deposited or withdrawn from affected player accounts.

“We are currently taking all the necessary steps to fully understand what has happened, but we believe that the email address and password used on the National Lottery website may have been stolen from another website where affected players use the same details.

“We do not hold full debit card or bank account details in National Lottery players’ online accounts and no money has been taken or deposited. However, we do believe that this attack may have resulted in some of the personal information that the affected players hold in their online account being accessed.

“Cyber criminals such as this are persistent, and we are continuing to monitor and protect our systems. We are also working closely with the National Crime Agency and the National Cyber Security Centre on an ongoing basis on this criminal matter.

“We’d like to reassure our customers that protecting their personal data is of the utmost importance to us. We are very sorry for any inconvenience this may cause to our players and would like to encourage those with any concerns to contact us directly, so we can discuss it with them in more detail.”

Following the National Lottery hacking, The Institution of Engineering and Technology’s (IET) cyber security expert has come up with ten top tips, which, if followed, will help to keep online shoppers safe.

Prof. Roy Isbell from the IET said: “When shopping online it’s very important to remain vigilant just as we would if we were instore, where we would take care to ensure our PIN number is kept secure and that our wallets and purses are kept out of site. Online shopping can be much simpler and safe as long as we all remain vigilant and follow a few easy tips.”

The top ten tips are:

• Ensure you are connected securely with the website by making sure that the address is prefixed by https://

• Use of added browser security plugins such as ‘Ghostery’, ‘HTTPS Everywhere’ and ‘No/NotScript’. This will affect your browsing experience, but will help identify when sites try to redirect and will assist in stopping malicious scripts from running. Take care though as third party payment sites are redirects.

• Use the browser security functionality. Do not disable these unless absolutely necessary.

• Ensure your browser and plug-ins are all updated to the latest version.

• Shop using credit not debit card or use delayed payment facilities such as those offered by PayPal.

• Provide minimum information when setting up an account and use a unique password for that site. If you want to avoid being bombarded with mail, ensure that you check or uncheck the box relating to offer notifications or you will be added to mailing lists that may get shared or sold on.

• If buying from a new website, do some due diligence first to ensure that it is reputable. Don’t trust all the reviews implicitly. Look for a physical address and telephone numbers.

• Check the site for privacy and returns policies and that the policies are acceptable to you.